<?php
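// This endpoint only handles form submissions; any other request method is
// sent back to the site root.
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
	header('location:/');
	// header() only queues the redirect. Without exit the rest of the script,
	// including its database queries, would still run for non-POST requests.
	exit;
}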
include '../webadmin/inc/global.php';
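/**
 * Snapshot of the request superglobals with every key and value HTML-escaped.
 *
 * Escaping happens once, at input time, with ENT_COMPAT: "&", "<", ">" and
 * the double quote are converted, single quotes are left untouched. Values
 * taken from this object are therefore only prepared for HTML text and
 * double-quoted attribute contexts; they are NOT safe to place in SQL,
 * JavaScript or single-quoted attributes without context-specific handling.
 */
class Request {
    public $get = array();
    public $post = array();
    // Declared explicitly: the constructor assigns it, and creating a property
    // dynamically is deprecated as of PHP 8.2.
    public $request = array();
    public $cookie = array();
    public $files = array();
    public $server = array();

    /**
     * Copies each superglobal into the matching property after running it
     * through clean().
     */
    public function __construct() {
        $this->get = $this->clean($_GET);
        $this->post = $this->clean($_POST);
        $this->request = $this->clean($_REQUEST);
        $this->cookie = $this->clean($_COOKIE);
        $this->files = $this->clean($_FILES);
        $this->server = $this->clean($_SERVER);
    }

    /**
     * Recursively HTML-escapes a value.
     *
     * Arrays are rebuilt with both keys and values escaped; anything else is
     * converted to a string and passed through htmlspecialchars().
     *
     * @param mixed $data Scalar or (nested) array.
     * @return mixed Escaped string, or an array of escaped keys and values.
     */
    public function clean($data) {
        if (!is_array($data)) {
            // Explicit cast: integers/floats (present in $_SERVER and $_FILES)
            // and null are handled without relying on implicit coercion.
            return htmlspecialchars((string) $data, ENT_COMPAT, 'UTF-8');
        }

        // Build a fresh array rather than unsetting and re-adding entries in
        // place: in-place rewriting drops an entry when the escaped form of
        // one key equals another key that is still waiting to be processed
        // (e.g. "<" and "&lt;").
        $cleaned = array();
        foreach ($data as $key => $value) {
            $cleaned[$this->clean($key)] = $this->clean($value);
        }

        return $cleaned;
    }

    /**
     * Backslash-escapes the characters that are special inside a quoted
     * MySQL string literal.
     *
     * NOTE(review): this is a hand-written, charset-unaware substitute for the
     * driver's own escaping. Prefer parameterized queries where the database
     * layer supports them; do not treat this method as a complete defence
     * against SQL injection.
     *
     * @param string $value Raw value.
     * @return string Value with \, NUL, LF, CR, 0x1A, ' and " escaped.
     */
    public function escape($value) {
        // Backslash must stay first so the backslashes introduced by the
        // later replacements are not doubled again.
        $search = array("\\", "\0", "\n", "\r", "\x1a", "'", '"');
        $replace = array("\\\\", "\\0", "\\n", "\\r", "\Z", "\'", '\"');
        return str_replace($search, $replace, $value);
    }
}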

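$request = new Request();

// The form posts its fields as message[sen_message5] ... message[sen_message8],
// so anything other than an array here is not a valid submission.
if (!isset($request->post['message']) || !is_array($request->post['message'])) {
	header('location:/');
	// header() does not end the script; without exit a request that carries
	// no form data would still fall through to the insert below.
	exit;
}

$ip = $_SERVER["REMOTE_ADDR"];

// Unix timestamps of the first and last second of the current day.
$todayTime = mktime(0, 0, 0);
$daytime = $todayTime + 86399;

// Both bounds are integers computed above, so this statement contains no
// request-controlled data.
$sql = "select sen_message10 from sen_message where sen_message9 between '".$todayTime."' and ".$daytime;
// NOTE(review): the mysql_* extension was removed in PHP 7.0; this call should
// move to the same database layer the insert uses ($db) once its API is confirmed.
$re = mysql_query($sql);

// Count today's messages already stored for this client address.
// NOTE(review): if the query fails the count stays 0 and the daily limit is
// not enforced for this request - decide whether that should fail closed.
$countip = 0;
if ($re) {
	while ($row = mysql_fetch_assoc($re)) {
		if ($row['sen_message10'] === $ip) {
			$countip++;
		}
	}
}

if ($countip > 2) {
	// Daily per-address limit reached: reject without inserting.
	echo "<script>alert('今天留言已达上限！');parent.location.href='/index.html';</script>";
} else {
	$jobinfo = $request->post['message'];
	$key = 'sen_message1,sen_message5,sen_message6,sen_message7,sen_message8,sen_message9,sen_message10';

	// Missing or non-string fields (e.g. a nested array) are stored as an
	// empty string instead of raising notices or inserting the text "Array".
	$fields = array('sen_message5', 'sen_message6', 'sen_message7', 'sen_message8');
	$values = array('"82"');
	foreach ($fields as $field) {
		$raw = (isset($jobinfo[$field]) && is_string($jobinfo[$field])) ? $jobinfo[$field] : '';
		$values[] = '"'.$request->escape($raw).'"';
	}
	$values[] = '"'.time().'"';
	// The address is escaped like every other value placed in the statement.
	$values[] = '"'.$request->escape($ip).'"';
	$val = implode(',', $values);

	// NOTE(review): this statement is still assembled by string concatenation
	// and relies on Request::escape(), which is not charset-aware. Switch to a
	// parameterized query if $db offers one - its API is not visible here.
	$insql = 'insert into sen_message('.$key.')values('.$val.')';
	if ($db->query($insql)) {
		echo "<script>alert('您的信息已提交成功，我们会尽快联系您');parent.location.href='/index.html'; </script>";
	} else {
		echo "<script>alert('您的信息已提交失败');parent.location.href='/index.html';</script>";
	}
}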



